Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

AI agents like OpenClaw could drain crypto wallets via ‘malicious skills’: CertiK

CertiK warns that OpenClaw’s rapid growth created critical security vulnerabilities exposing API keys, crypto wallets, and ...

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.